Bug Tracker

Symptoms

A false positive "no strong integrity param" is sent when none of the configured data-integrity parameters are present in the request.

Impact

A false positive "no strong integrity param" alert is sent.

Conditions

1. a protected URL has at least one parameter configured with data0integrity check enabled
2. enhanced data manipulation is enabled
3. a request without any of the data-integrity parameters is sent to the protected URL

Workaround

There is no workaround at this time.

Fix Information

"No strong integrity param" alert should be suppressed in case that none of the data-integrity parameters were sent.
In case that forcing all data-integrity parameters was enabled (tmsh modify sys db antifraud.autotransactions.parameternameintegrity value enable) - the alert will be sent.